<?php 
    function authentication(){
        if(!isset($_SESSION)) session_start();
    
        $vUsername = isset($_SESSION['Username']) ? $_SESSION['Username'] : '';
        $vPassword = isset($_SESSION['Password']) ? $_SESSION['Password'] : '';
        
        $sql = "SELECT * FROM users WHERE username='$vUsername' AND password='$vPassword'";
        $res = mysql_query($sql);
        if(mysql_num_rows($res) > 0) {
            $row = mysql_fetch_array($res);
            $_SESSION['Id_user'] = $row['id_user'];
            
            return true;
        }
        return false;
    }
    
    function login($user, $pass){
        if(!isset($_SESSION)) session_start();
        $_SESSION['Username'] = "";
        $sql = "select * from users where username = '$user' and password = '$pass'";
        $result = mysql_query($sql);
        $row = mysql_fetch_array($result);
        if(isset($row)){
            $_SESSION['Username'] = $user;
            $_SESSION['Password'] = $pass;
            return true;
        }
        return false;
    }
    
    function logout(){
        unset($_SESSION['Username']);
        unset($_SESSION['Password']);
        unset($_SESSION['Id_user']);
    }
    
    function getRole(){
        if (!isset($_SESSION)) {
            session_start();        
        }
        $user = $_SESSION['Username'];
        $pass = $_SESSION['Password'];
        $sqlrole = "select roles.role_name from roles,users where users.roleid = roles.roleId and users.name = '".$user."' and users.password = '".$pass."'";
        $rel = mysql_query($sqlrole);
        $row = mysql_fetch_array($rel);
        return $row['role_name'];
    }
 ?>